US20030005320A1 - Electronic security information management method and recording medium using an IC card - Google Patents

Electronic security information management method and recording medium using an IC card Download PDF

Info

Publication number
US20030005320A1
US20030005320A1 US10/108,389 US10838902A US2003005320A1 US 20030005320 A1 US20030005320 A1 US 20030005320A1 US 10838902 A US10838902 A US 10838902A US 2003005320 A1 US2003005320 A1 US 2003005320A1
Authority
US
United States
Prior art keywords
information
data
medium
management method
authorization
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US10/108,389
Other languages
English (en)
Inventor
Shinji Matsune
Shouzou Fukuya
Hiroshi Nitta
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fujitsu Ltd
Original Assignee
Fujitsu Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fujitsu Ltd filed Critical Fujitsu Ltd
Assigned to FUJITSU LIMITED reassignment FUJITSU LIMITED ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: FUKUYA, SHOUZOU, MATSUNE, SHINJI, NITTA, HIROSHI
Publication of US20030005320A1 publication Critical patent/US20030005320A1/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2153Using hardware token as a secondary aspect

Definitions

  • the present invention relates to an information management method for deterring data leaks, enabling a search and inspection of the data when data is copied to a recording medium from a personal computer within an organization and a search of the records of the process used to copy the data to the recording medium.
  • Important data of an organization is generally specified with an implementation rule and regulated so it may used only for the limited purposes within the organization.
  • a user intentionally encrypts the data and decodes such data at the time of use through user authentication by inputting a password or the like.
  • a data leak can happen to the outside of an organization with transmission of secret data using E-mail or the like.
  • One way of deterring such a data leak is taken through employment of monitoring the E-mails with a mail server or the like on the intra-organization (corporation) network.
  • a recording medium such as a floppy disk
  • a recording medium such as a floppy disk
  • the present invention has been proposed considering the problems explained above. Accordingly, it is an object of the present invention to provide a method to prevent illegal data leaks by copying the data to a recording medium and then carrying the medium to an outside organization, and to prevent illegal use of secret data recorded in the relevant medium and enable search and inspection of data after the data is copied and encrypted in the recording medium.
  • one exemplary embodiment of the information management method of the present invention is accessing a authorization medium, when copying a data recorded in a first recording medium in an information processing apparatus to a second recording medium and executing the copying when an authorization permitting the copying from the first recording medium can be read from the authorization medium or refusing the copying when the authorization cannot be read.
  • the authorization medium executes the copying process when the information permitting copy from the first recording medium can be read from the authorization medium or deters the copying process when the copy permitting information cannot be read out.
  • a copying destination range information for designating the destination range of copying is recorded to the authorization medium generated for information management, and the copying process is executed when the second recording medium is matched with the copying destination range information.
  • this copying process is deterred when the second recording medium is not matched with the medium class information.
  • the data is encrypted. Automatically with the copying operation in the copying operation explained above, if the recording medium is handed over to the third party, illegal data use can be prevented.
  • another exemplary embodiment of the information management method of the present invention is accessing, in a second recording medium, an information permitting the use of a data recorded in a first recording medium, when reading and using a data recorded in the first recording medium and permitting the use of the data when an apparatus can read the information from the second recording medium and refusing the use of data when the apparatus cannot read the information.
  • the information management method it is preferable for protection of data to structure the information management method to provide a structure such that the data recorded in the first recording medium is encrypted, the encrypted data is copied to the authorization medium provided in the information processing apparatus and decoded when the information processing apparatus uses the encrypted data recorded in the authorization medium or the data processed based on the process using the decoded data is encrypted for the write-back process when the processed data is written back for the authorization medium.
  • various embodiments can also include a process that is recording a data application number information in the first recording medium and a data application maximum number in the authorization medium, reading, when using the data of the first recording medium, the data application number information and data application maximum number information, comparing the data application number information and data application maximum number information and permitting the use of the data and incrementing the data application number information by one when the data application number does not exceed the data application maximum number and refusing the use of the data when the data application number exceeds the data application maximum number.
  • an information management method can include setting, to a authorization medium, by a first information processing apparatus, an information permitting a copy of a data stored in a first recording medium provided in a second information processing apparatus to a second recording medium and copying, with the second information processing apparatus, the data stored on the first recording medium, to the second recording medium, when the information permitting a copy can be read from the authorization medium.
  • Another exemplary embodiment includes having a first information processing apparatus set to a second recording medium an information permitting the use of a data recorded in a first recording medium with a second information apparatus when the data is read with the second information processing apparatus.
  • a further exemplary embodiment can include setting, using a first information processing apparatus, to a authorization medium, a copy permitting information of a data recorded in a first recording medium provided in a second information processing apparatus to a second recording medium and an information permitting a use of the data copied to the second recording medium by a third information processing apparatus, copying, using the second information processing apparatus, the data to the second recording medium from the first recording medium when the second information processing apparatus can read the copy permitting information from the authorization medium and enabling the third information processing apparatus to use the data recorded in the second recording medium when the third information processing apparatus can read the data application permitting information from the authorization medium.
  • a further exemplary embodiment can include copying a data recorded in a first recording medium provided in a first information processing apparatus to a second recording medium, writing back, using a second information processing apparatus, to the second recording medium, an updated data updated by processing the data recorded in the second recording medium, reading, using the first information processing apparatus, when executing the process to write back the data written back by the second recording medium to the first recording medium, an identification information of an original information processing apparatus in which the data existed from a authorization medium and permitting the write-back process of the data when the first information processing apparatus is identified and refusing the write-back process of data when a first information processing apparatus cannot be identified and/or the identification information cannot be read.
  • a further exemplary embodiment can be an electronic storage medium containing a program embodying an information management method including accessing a authorization medium when an instruction to copy a data recorded in a first recording medium provided in the information processing apparatus to a second recording medium is inputted and executing the instruction to copy when the apparatus can read an information permitting the copy from the first recording medium or the authorization medium and refusing the instruction to copy when the apparatus cannot read the copy permitting information.
  • a further exemplary embodiment can be an electronic storage medium containing a program embodying an information management method that includes accessing a authorization medium before reading and using a data recorded in a first recording medium and permitting the use of the data when the apparatus can read, from a authorization medium, an information permitting the use of data in the first recording medium or refusing the use of the data when the information processing apparatus cannot read the information permitting the use of data.
  • a further exemplary embodiment can be an electronic storage medium containing a program embodying an information management method that includes recording at least one process to a authorization medium, including a security information about permitting a copy of a data stored on a first recording medium inserted in a second information processing apparatus to a second recording medium when the information is read with the second information processing apparatus.
  • a further exemplary embodiment can be an electronic storage medium containing a program embodying an information management method, that includes recording at least one process to a authorization medium, including a security information for permitting a use of a data recorded on a first recording medium by a second information processing apparatus when the security information is read with the second information processing apparatus.
  • the storage mediums mentioned can be at least one of a floppy disk, a compact disk, a digital video disk, a removable hard drive, a zip disk, an optical recording disk, an electronic memory device, an integrated circuit card, a proximity card, a data card, a optical recording card and an impression transfer card.
  • FIG. 1 is a diagram for explaining the overall concept of the structure and processes according to preferred embodiments of the present invention
  • FIG. 2 is a diagram showing the data recorded in the IC card in a preferred embodiment of the present invention.
  • FIG. 3 is a flowchart showing the IC card issuing process (procedure 1) in a preferred embodiment of the present invention
  • FIG. 4 is a flowchart showing the copying and encryption process (procedure 2) of data in a preferred embodiment of the present invention
  • FIG. 5 is a flowchart showing the process (procedure 3) for using the encrypted data by decoding thereof in a preferred embodiment of the present invention
  • FIG. 6 is a flowchart showing the IC card return/inspection process (procedure 4) in a preferred embodiment of the present invention
  • FIG. 7 is a flowchart showing the data returning process (procedure 5) in a preferred embodiment of the present invention.
  • FIG. 8 is a diagram for explaining the summary of the processes in the procedures 2, 3, 5 according to a preferred embodiment of the present invention.
  • a recording medium can be, for example, any one of a floppy disk, a compact disk, a digital video disk, a removable hard drive, a zip disk, an optical recording disk and an electronic memory device.
  • a copy destination class or range can be a type of electronic recording media.
  • a hard drive or a network drive may be one class or range and floppy disks may be a second class or range.
  • a data application number can be a unique number for identifying either a type of software, a specific software program or a specific copy of a software program.
  • Additional terms used herein include a data application validity term, which can be any time period where the use of data or software to access data is authorized.
  • a right information can be any of authorization information, access rights, modification rights, or any other type of authorization as is now known or later devised.
  • Important or secret data of an organization is generally specified with an implementation rule and/or regulation so that it is used only for specified limited purposes within an organization.
  • a user can intentionally encrypt the data and allow the person to decode the data at the time of use through a user authentication.
  • FIG. 1 is a diagram that explains an exemplary structure and concept used in an exemplary aspect of the present invention.
  • the arrow marks show the flow of the process and possible movement of an IC card and a recording medium 4 and do not indicate the data transmission via the communication line.
  • a management server 1 issues an IC card 2 (which is a recording medium for management) in which the security policy for dealing with the secret data is recorded (procedure 1).
  • This management server 1 is manipulated by an administrator in charge within the company (organization).
  • the issued IC card 2 is then loaned to a data copying operator who is permitted to conduct the copying operation by the administrator.
  • This data copying operator executes, when copying the “Intra-Office Only” data to the recording medium 4 other than the hard disc drive (HDD) from a personal computer provided within the company (organization), the copying operation and encryption of data based on the security policy recorded in the IC card 2 issued in the procedure 1 and thereby the executed processes are recorded in the IC card 2 (procedure 2).
  • a floppy disc is shown as an example of a recording medium 4 , but the present invention is not limited thereto. Namely, removable recording mediums such as an external hard disk drive, MO, or ZIP drive other than the built-in hard disk drive and the copying process to a network drive are also considered part of the invention. The process is further explained in the procedure 2.
  • the data recorded in this recording medium 4 is used in a personal computer 5 other than the computer 3 in which the original data is recorded (for example, a mobile computer carried to the outside of the company or a computer provided in a branch office or the like), copy and use of data are possible based on the security policy recorded in the IC card 2 .
  • a record of the processes executed is also recorded in the IC card 2 (procedure 3).
  • the data copying operator who has executed the procedure 2 is capable of carrying the IC card 2 to the outside of the organization, for example, and then using this IC card 2 there.
  • the data copying operator (or an administrator who has once received the IC card 2 returned from the data copying operator) is capable of lending this IC card 2 to the other data user.
  • the IC card 2 in which the processes of the procedures 1 and 2 are recorded is returned to the management server 1 for the purpose of inspection and this IC card 2 is inspected by the administrator (procedure 4).
  • the management server 1 comprises an IC card lending-returning management file 11 in which the information regarding the lending of IC card in the procedure 1 explained later and the information regarding the return of IC card in the procedure 4 are recorded, a security policy information file 12 which is referred when the IC card 2 is issued in the procedure 1 and an inspection information recording file 13 for reading and recording the inspection information from the IC card when the IC card is returned in the procedure 4.
  • the management server 1 is also provided with a card slot for the read/write access for the IC card 2 (not shown in the figure).
  • the personal computers 3 , 5 are respectively provided with a drive for executing the read/write access to the recording medium 4 and a card slot (not shown in the figure) for executing the read/write access to the IC card 2 .
  • These drive and card slots also include the structure which is not built in the server or computer and can be realized with the external installation.
  • the process program for executing the procedures 1 and 4 is installed in the management server, while the process program for executing the procedures 2 and 5 is installed in the personal computer 3 and the process program for executing the procedure 3 is installed in the personal computer 5 , respectively.
  • FIG. 2 is a diagram showing the attributes of the information recorded in the IC card 2 .
  • the item number 205 Record of Data Processes is the region for recording the processes (process attribute, ID of the apparatus executing the process, processing time, or the like) when the process is executed with a personal computer in the procedures 2, 3, 5 explained later.
  • the management server sets the other regions in the above procedure 1.
  • an IC card is used as a medium for data management in this embodiment is that an IC card has very excellent characteristics as a security medium, does not have fragileness which can be found in an electronic medium of the related art and can protect perfectly the data written inside thereof.
  • FIG. 3 is a flowchart showing an exemplary process (Procedure 1) of an IC card issuing process.
  • the process begins at start 300 .
  • the management server 1 first authenticates an administrator at 310 , i.e., whether a server operator is a justified administrator or not. If authentication OK at 320 fails, this information is recorded at 315 to the inspection information file 13 .
  • the IC card issuing process or IC card non-return inspection process is executed at 325 depending on the selection input for the process to be executed at 330 .
  • the security policy information is first set at.
  • the condition information such as importance degree of object data and attribute (position, or the like) of an object person for execution of the procedures 2, 3 explained later is inputted with an administrator and a data use limitation information or the like corresponding to the input condition information is edited with reference to the setting of security policy information file 12 at 340 .
  • the various information pieces shown in FIG. 2 are written into the IC card 2 .
  • the destination of lending, date of lending, date of return of the IC card 2 are recorded in the IC card lending-returning management file 11 .
  • the IC card lending-returning management file 11 is accessed to check whether the IC card 2 having passed the return date exists or not. If the IC card having passed the return date is detected, the destination of lending is read and an owner of this IC card is recorded to the inspection information file 13 as an offender against the security policy. Moreover, a warning message is notified as required to the offender. The process ends at end 399 .
  • FIG. 4 is a flowchart showing a second exemplary (procedure 2) data copy and encryption process.
  • the process begins at start 400 .
  • a personal computer 3 of the company to which the data is to be protected and a software to execute the processes, are installed.
  • the personal computer 3 authenticates an operator of this computer as a data user who can execute the data process or not using the IC card 2 .
  • This authentication administrator at 410 is conducted through collation with the password 201 written in the IC card 2 .
  • authentication administrator fails at 420 , it is determined at 415 whether the number of times of authentication has exceeded the maximum number of times of authentication administrator recorded in the IC card or not. When exceeded, the IC card is locked at 418 disabling the use. When not exceeded, failure of authentication administrator is recorded at 405 and authentication administrator is accepted again at 410 . Such authentication process is executed with the function of an ordinary IC card.
  • the manipulation is conducted to copy the data located in the position 207 of the object data.
  • the file to be copied is matched with the object file name 209 .
  • the medium in the drive of the destination of copy is matched with copy object medium class 210 in the IC card 2 . (If copy of the object file is attempted without using the IC card, the process program stops the copying process itself.) If these conditions are not matched, a warning display is executed and a warning record is recorded at 465 in the data processing region 205 .
  • the data of the copying sources are read and are then written into the medium 480 as the copy destination.
  • the data is encrypted using the encryption process and an encryption key (not shown) recorded in the IC card.
  • An encryption/decoding program at 470 may be provided in the side of the IC card 2 or may be executed with the process program installed in the computer. When these processes are completed, a record of data copy is recorded at 490 in the data processing region 205 . The process ends at 499 .
  • FIG. 5 is a flowchart showing another exemplary embodiment of the Encrypted data decoding/application process (procedure 3).
  • the process begins at start 500 .
  • the process for decoding and using the encrypted data copied in the recording medium as explained above with a personal computer 5 different from that as the source of copy will be explained.
  • the IC card 2 When using such recording medium in this embodiment of the present invention, the IC card 2 must be set.
  • a decoding object PC 208 is read out to check whether the relevant personal computer is the decoding object PC or not at 550 . This check may be conducted by previously giving a unique ID to the process program to be installed and then checking the match or by checking the ID for the hardware such as computer and drive.
  • the process object PC When the process object PC is confirmed, the maximum number of times of decoding 203 and number of times of decoding 204 recorded in the IC card are read out and at 560 it is checked whether the number of times of decoding reaches the maximum number of times of decoding or not. Moreover, the date of decoding (the current date of system) is compared at 570 with the term of validity for decoding 206 to check whether the valid term of decoding is expired or not.
  • the decoding program uses this access to decode the data for use by the application software.
  • the encryption program uses this access for encryption of data and writes the data to the file.
  • this decoding program can be installed to a personal computer for execution like the encryption program even if the IC card 2 is not present.
  • data can be used 592 with the application software installed in the personal computer 5 .
  • the right for using the data at 540 read out previously is checked to check whether an operator of the computer 5 has the right for re-storage and printing of data or not at 596 .
  • re-storage and printing processes are executed at 594 .
  • use of data is to be completed based on the application software 593 , traces including the job files are erased 598 perfectly not to leave the decoded data in the hard disc of the computer 5 . The process ends at end 599 .
  • FIG. 6 is a flowchart showing an exemplary example of (the procedure 4) IC card return/inspection process flow.
  • the process begins at start 600 .
  • the management server 1 requests to authenticate an administrator at 610 and determines whether an operator of the server is a justified administrator or not at 620 . If authentication of the administrator fails, this information is recorded in the inspection information file 13 at 625 .
  • manipulation of the IC card 2 set to the card slot is authenticated at 630 and when the number of times of authentication administrator has exceeded the maximum number of times of authentication specified in the IC card at 645 , the IC card is locked at 647 .
  • the process record recorded in the data process recording region 205 of the IC card 2 is read out at 650 to check at 660 whether an action offending against the content recorded in the IC card 2 or not (actions to which a warning is issued by the system) is recorded.
  • an offending action is detected, the process for handling an offending action, which is preset in the system (for example, printing of a list of offending actions) is executed at 665 .
  • the record of process recorded at 670 in the data process recording region 205 is copied to the inspection information file 13 and when this process is completed, the IC card itself is initialized and the internal data is erased at 680 . The process ends at 699 .
  • FIG. 7 is a flowchart showing an exemplary (procedure 5) process for returning the data.
  • the process for writing back, to the computer, the file carried to the outside as a recording medium 4 after the process at the branch office or the like will now be explained below.
  • the process begins at start 700 .
  • Whether a data user is qualified to execute the data using the IC card 2 or not is authenticated at 710 .
  • the authentication administrator at 720 fails, a record of defective authentication is written at 705 every time into the data process recording region 205 of the IC card 2 .
  • the IC card is locked at 727 , disabling the use thereof.
  • a warning message is displayed at 755 and a record of warning is recorded at 765 to the data process recording region 205 .
  • a file is decoded at 760 and copied at 770 to write a record of copy at 780 to the data process recording region 205 .
  • the process ends at 799 .
  • FIG. 8 shows an exemplary embodiment of procedures 2, 3 and 5.
  • the part given the sign o can be processed and the part given the sign x cannot be processed.
  • “Record of Use” and “Record of Offense” are respectively recorded to the data process recording region 205 of the IC card 2 .
  • the encrypted data is written into the floppy disc drive. Since the PC using data (ID: MyPC) is matched with the decoding object PC name 208 within the IC card 2 (MyPC), the data copied to the “C: ⁇ MyData” described in the decoding object root folder 211 under the encrypted condition.
  • the data is decoded.
  • the information suggesting no right is set in the decoding data re-use right 214 , re-storage and printing of the encrypted data in the general purpose application are prohibited.
  • the encrypted file can be copied to the other folder, but it is impossible to read in direct the data because of encryption and moreover since the folder is the one other than the decoding object root folder 211 , decoding is impossible even when the IC card 2 is used.
  • the data can be stored in the decoding object folder using the same file name or the other file name by editing the data. In this case, the data is encrypted again. In the case where the object file is returned to the original PC after the use thereof, the PC is checked whether it is the PC (ID: OFFICEPC) where the object data exists or not. When the check result is OK, the data is decoded and then returned.
  • the PC ID: OFFICEPC
  • the information to permit the copy of data is required.
  • the information can be on a recording medium (IC card or the like), which is different from the recording medium explained above, but of similar nature. Therefore, executing the management of the recording media (including such copy permitting information) can prevent unauthorized leaks of the data.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)
  • Signal Processing For Digital Recording And Reproducing (AREA)
US10/108,389 2001-06-27 2002-03-29 Electronic security information management method and recording medium using an IC card Abandoned US20030005320A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2001194581A JP3849465B2 (ja) 2001-06-27 2001-06-27 情報管理方法
JP2001-194581 2001-06-27

Publications (1)

Publication Number Publication Date
US20030005320A1 true US20030005320A1 (en) 2003-01-02

Family

ID=19032688

Family Applications (1)

Application Number Title Priority Date Filing Date
US10/108,389 Abandoned US20030005320A1 (en) 2001-06-27 2002-03-29 Electronic security information management method and recording medium using an IC card

Country Status (2)

Country Link
US (1) US20030005320A1 (ja)
JP (1) JP3849465B2 (ja)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2004260750A (ja) * 2003-02-27 2004-09-16 Fuji Xerox Co Ltd 文書処理装置、画像形成媒体、文書復元装置、文書管理方法、およびプログラム
JP2006139502A (ja) * 2004-11-11 2006-06-01 Murata Mach Ltd 画像処理装置
WO2006085657A1 (ja) * 2005-02-14 2006-08-17 Seiko Epson Corporation 外部記録媒体書き込み装置を用いたデータ管理方法およびデータ管理システム
JP4678884B2 (ja) * 2008-01-29 2011-04-27 株式会社日立情報システムズ 可搬記憶媒体管理システム
ES2534063T3 (es) 2009-09-09 2015-04-17 Nestec S.A. Máquina de bebidas en una red
JP5902797B2 (ja) * 2014-12-11 2016-04-13 株式会社日本ビジネスエンジニアリング ファイル安全確保プログラム

Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5065429A (en) * 1989-04-03 1991-11-12 Lang Gerald S Method and apparatus for protecting material on storage media
US5701343A (en) * 1994-12-01 1997-12-23 Nippon Telegraph & Telephone Corporation Method and system for digital information protection
US6144743A (en) * 1997-02-07 2000-11-07 Kabushiki Kaisha Toshiba Information recording medium, recording apparatus, information transmission system, and decryption apparatus
US20020029347A1 (en) * 2000-09-01 2002-03-07 Edelman Martin S. System and method for preventing unauthorized access to electronic data
US6362893B1 (en) * 1998-03-06 2002-03-26 Fargo Electronics, Inc. Security printing and unlocking mechanism for high security printers
US6421779B1 (en) * 1997-11-14 2002-07-16 Fujitsu Limited Electronic data storage apparatus, system and method
US6463539B1 (en) * 1997-09-30 2002-10-08 Victor Company Of Japan, Ltd. Managing system for reproducing information composed of information recording medium, managing medium, and reproduction method and apparatus method therefor
US6574735B2 (en) * 1997-08-29 2003-06-03 Sony Corporation Information signal recording/reproducing system, information signal recording device, information signal reproducing device and information signal recording/reproducing process
US6807534B1 (en) * 1995-10-13 2004-10-19 Trustees Of Dartmouth College System and method for managing copyrighted electronic media
US6865431B1 (en) * 1999-05-28 2005-03-08 Matsushita Electric Industrial Co., Ltd. Semiconductor memory card, playback apparatus, recording apparatus, playback method, recording method, and computer-readable recording medium
US6901511B1 (en) * 2000-01-13 2005-05-31 Casio Computer Co., Ltd. Portable terminals, servers, systems, and their program recording mediums
US7003501B2 (en) * 2000-02-11 2006-02-21 Maurice Ostroff Method for preventing fraudulent use of credit cards and credit card information, and for preventing unauthorized access to restricted physical and virtual sites
US7032240B1 (en) * 1999-12-07 2006-04-18 Pace Anti-Piracy, Inc. Portable authorization device for authorizing use of protected information and associated method

Patent Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5065429A (en) * 1989-04-03 1991-11-12 Lang Gerald S Method and apparatus for protecting material on storage media
US5701343A (en) * 1994-12-01 1997-12-23 Nippon Telegraph & Telephone Corporation Method and system for digital information protection
US6807534B1 (en) * 1995-10-13 2004-10-19 Trustees Of Dartmouth College System and method for managing copyrighted electronic media
US6144743A (en) * 1997-02-07 2000-11-07 Kabushiki Kaisha Toshiba Information recording medium, recording apparatus, information transmission system, and decryption apparatus
US6574735B2 (en) * 1997-08-29 2003-06-03 Sony Corporation Information signal recording/reproducing system, information signal recording device, information signal reproducing device and information signal recording/reproducing process
US6463539B1 (en) * 1997-09-30 2002-10-08 Victor Company Of Japan, Ltd. Managing system for reproducing information composed of information recording medium, managing medium, and reproduction method and apparatus method therefor
US6421779B1 (en) * 1997-11-14 2002-07-16 Fujitsu Limited Electronic data storage apparatus, system and method
US6362893B1 (en) * 1998-03-06 2002-03-26 Fargo Electronics, Inc. Security printing and unlocking mechanism for high security printers
US6865431B1 (en) * 1999-05-28 2005-03-08 Matsushita Electric Industrial Co., Ltd. Semiconductor memory card, playback apparatus, recording apparatus, playback method, recording method, and computer-readable recording medium
US7032240B1 (en) * 1999-12-07 2006-04-18 Pace Anti-Piracy, Inc. Portable authorization device for authorizing use of protected information and associated method
US6901511B1 (en) * 2000-01-13 2005-05-31 Casio Computer Co., Ltd. Portable terminals, servers, systems, and their program recording mediums
US7003501B2 (en) * 2000-02-11 2006-02-21 Maurice Ostroff Method for preventing fraudulent use of credit cards and credit card information, and for preventing unauthorized access to restricted physical and virtual sites
US20020029347A1 (en) * 2000-09-01 2002-03-07 Edelman Martin S. System and method for preventing unauthorized access to electronic data

Also Published As

Publication number Publication date
JP2003016724A (ja) 2003-01-17
JP3849465B2 (ja) 2006-11-22

Similar Documents

Publication Publication Date Title
US6314409B2 (en) System for controlling access and distribution of digital property
US5870467A (en) Method and apparatus for data input/output management suitable for protection of electronic writing data
KR101009126B1 (ko) 대응하는 구성요소를 인증하기 위한 디지탈 인증서 및 디지탈 인증서 인증 방법
US20060178997A1 (en) Systems and methods for authoring and protecting digital property
US7844832B2 (en) System and method for data source authentication and protection system using biometrics for openly exchanged computer files
US20050021948A1 (en) Secure single drive copy method and apparatus
JP2003058840A (ja) Rfid搭載コンピュータ記録媒体利用の情報保護管理プログラム
US20100043070A1 (en) File-access control apparatus and program
US20090287942A1 (en) Clock roll forward detection
JP4662138B2 (ja) 情報漏洩防止方法及びシステム
US20080263630A1 (en) Confidential File Protecting Method and Confidential File Protecting Device for Security Measure Application
KR100750697B1 (ko) 사용자 액세스 기능을 갖는 공유스토리지가 구비된 디지털문서보안 시스템, 및 그 시스템을 이용한 문서 처리방법
JPH08137686A (ja) 著作物データ管理方法及び著作物データ管理装置
JP2004070674A (ja) 電子データ交換システムにおけるデータ保護装置及びデータ保護方法並びにそれに用いるプログラム
JP4471129B2 (ja) 文書管理システム及び文書管理方法、文書管理サーバ、作業端末、並びにプログラム
JP4293238B2 (ja) 資産持ち出し管理システム、資産持ち出し管理方法、持ち出し資産、持ち出し資産制御プログラム
US20030005320A1 (en) Electronic security information management method and recording medium using an IC card
JP2008129803A (ja) ファイルサーバ、プログラム、記録媒体及び管理サーバ
US20050120210A1 (en) Method to minimize software piracy and enhance security in processes related with many industries
JP3690685B1 (ja) 電子ファイル管理システムおよび電子ファイル管理プログラム
TWI444849B (zh) 透過伺服器驗證並授權解密以監控個資檔案之系統及方法
CN113806785A (zh) 一种用于对电子文档进行安全保护的方法及其系统
JP3840580B1 (ja) ソフトウエア管理システムおよびソフトウエア管理プログラム
US20110022849A1 (en) System and method for securely storing information
JPS63127334A (ja) 保護されたアプリケーションの実行権に条件を付ける方法

Legal Events

Date Code Title Description
AS Assignment

Owner name: FUJITSU LIMITED, JAPAN

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:MATSUNE, SHINJI;FUKUYA, SHOUZOU;NITTA, HIROSHI;REEL/FRAME:012995/0431

Effective date: 20020423

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION